IT Security Newsletter - 3/20/2024
Five Eyes tell critical infra orgs: take these actions now to protect against China's Volt Typhoon
The Feds and friends yesterday issued yet another warning about China's Volt Typhoon gang, this time urging critical infrastructure owners and operators to protect their facilities against destructive cyber attacks that may be brewing. The Tuesday alert comes a little more than a month after the same groups from the same Five Eyes nations sounded the alarm on Volt Typhoon compromising "multiple" critical infrastructure orgs' IT networks in America.
The 'AT&T breach' - what you need to know
Earlier this week, the data of over 70 million people was posted for sale on an online cybercrime forum. The person selling the data claims it stems from a 2021 breach at AT&T. Back in 2021, a hacker named Shiny Hunters claimed to have breached AT&T and put the alleged stolen data up for sale for $1 million for a direct sell. Fast forward three years and another threat actor calling themselves MajorNelson has leaked what they say is the same data.
Beijing-backed cyberspies attacked 70+ orgs across 23 countries
Chinese cyberspies have compromised at least 70 organizations, mostly government entities, and targeted more than 116 victims across the globe, according to security researchers. The Beijing-backed hacking crew, dubbed Earth Krahang, exploits public-facing servers and uses phishing emails to deploy two custom backdoors, according to Trend Micro, which has been monitoring the cyberespionage campaign since early 2022.
Russian Intelligence Targets Victims Worldwide in Rapid-Fire Cyberattacks
Russian state hackers are performing targeted phishing campaigns in at least nine countries spread across four continents. Their emails tout official government business and, if successful, threaten not just sensitive organizational data, but also geopolitical intelligence of strategic importance. Such a sophisticated, multi-pronged plot could only be wrought by a group as prolific as Fancy Bear, which IBM X-Force tracks as ITG05 in a new report.
Tax scammer goes after small business owners and self-employed people
While most taxpayers don't particularly look forward to tax season, for some scammers it's like the opening of their hunting season. So it's no surprise that our researchers have found yet another tax-related scam. In this most recent scam, we've not seen the lure the scammer uses, but it is likely to be an email telling the target to quickly go to this site to apply for your IRS EIN/Federal tax ID number.
Growing AceCryptor attacks in Europe
ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the attackers spreading Rescoms (also known as Remcos) started utilizing AceCryptor, which was not the case beforehand. Rescoms is a remote access tool (RAT) often used by threat actors for malicious purposes.
A prescription for privacy protection: Exercise caution when using a mobile health app
In today's digital economy there's an app for just about everything. One area that's booming more than most is healthcare. From period and fertility trackers to mental health and mindfulness, there are mobile health (mHealth) applications available to help with almost any condition. In fact, it's a market already experiencing double-digit growth, and set to be worth an estimated $861 billion by 2030. But when using these apps, you could be sharing some of the most sensitive data you possess.
White House and EPA warn of hackers breaching water systems
U.S. National Security Advisor Jake Sullivan and Environmental Protection Agency (EPA) Administrator Michael Regan warned governors today that hackers are "striking" critical infrastructure across the country's water sector. In a joint letter sent on Tuesday, they asked for the governors' support to ensure that water systems in their states are adequately defended against cyberattacks and that they can recover if they are breached.
300,000 Systems Vulnerable to New Loop DoS Attack
Researchers from the CISPA Helmholtz Center for Information Security in Germany have disclosed the details of a new denial-of-service (DoS) attack vector that impacts several widely used UDP-based application protocols and hundreds of thousands of internet-facing systems. The experts have demonstrated a loop DoS attack where an attacker uses IP spoofing to get two servers to communicate with each other indefinitely over a protocol they both use.
US Defense Dept received 50,000 vulnerability reports since 2016
The Cyber Crime Center (DC3) of the U.S. Department of Defense says it has reached the milestone of processing its 50,000th vulnerability report submitted by 5,635 researchers since its inception in November 2016. The federal agency launched its Vulnerability Disclosure Program (VDP) 7.5 years ago following a bug bounty event called 'Hack-the-Pentagon,' to engage crowd-sourced vulnerability reports that could help bolster its cyber defenses.
- ...in 1916, Albert Einstein publishes his general theory of relativity, providing the basis for the current description of gravitation in modern physics.
- ...in 1923, The Arts Club of Chicago hosts the first showing of Pablo Picasso's art in the United States.
- ...in 1928, TV personality and Presbyterian minister Fred Rogers, the creator and host of "Mister Rogers' Neighborhood", is born in Latrobe, PA.
- ...in 1957, film director and actor Shelton Jackson Lee, AKA Spike Lee ("Do The Right Thing", "Malcolm X") is born in Atlanta, GA.